New defense strategy sets the tone for an agile cyber force

By Lauren C. Williams

Jan 23, 2018

The unclassified summary of the national defense strategy highlights the Defense Department's intent to integrate cyber operations through acquisition reform and investment in tech capabilities and infrastructure. But the 14-page document, released as the same day the stopgap measure funding the federal government expired leading to a shutdown, omits mention of the role an elevated U.S. Cyber Command, split from the National Security Agency, would play.

Elevating Cyber Command to a full, unified combatant command was part of a mandate in the 2017 defense spending bill and announced by President Donald Trump in August. The move spins it from under the National Security Agency but requests the Pentagon and White House leaders to determine how the agencies should be organized on the cyber front.

"In cyber, what we are going to do is reorganize. I told you we're reorganizing the department to a degree. You're going to see reorganization of the fundamental organizations. The U.S. Cyber Command and the National Security Agency -- they will be organized along different lines," said Defense Secretary Jim Mattis, who discussed the strategy at an event at the Johns Hopkins School for Advanced International Studies.

In August 2017, when the elevation of CyberCom was announced, the dual-hat arrangement remained in place. Reports of the coming retirement of Adm. Mike Rogers, who heads CyberCom and NSA have revived talk of an end to the dual-hatted command arrangement, but details on the departmental reorganization referred to by Mattis in his remarks were not reflected in the strategy.

"I thought the fact that they didn't include dual-hat conversation was interesting. I think it remains an area of disagreement within the department," said William Carter, deputy director and technology policy fellow for the Center for Strategic and International Studies.

Mattis said that the DOD would be prioritizing education, training, recruiting and mission statements, "so that the reorganized forces can work together." But just what that reorganization looks like is still an unknown.

"It's a real challenge because the nature of computer network operations is stealthy and the skillsets are rare and de-confliction is hard," said Kenneth Geers, senior fellow at the Atlantic Council and the North Atlantic Treaty Organization, who specializes in signals intelligence and cyber intelligence.

"Logically, you would like NSA and Cyber Command to have a different space in which to operate but the problem is cyberspace is all around us all the time and it's inherently international. We're on each other's servers all the time," Geers said, adding it's "hard to draw lines" when there are roles for disparate entities including offensive and defensive cyber operations, counter intelligence and law enforcement.

"What I want to see from this administration is the next level of specificity on how they're going to do the things they've set out to do," said Trevor Rudolph, a cybersecurity fellow at the New America Foundation and senior advisor at SecureInsights in Washington, D.C.

The defense strategy states the Defense Department will invest in and "prioritize capabilities to gain and exploit information, deny competitors those same advantages, and enable us to provide attribution while defending against and holding accountable state or non-state actors during cyberattacks."

Maintaining consistency about attribution and retaliation could prove difficult in practice.

"This is, in part, messaging to our adversaries that we're putting out the threat of attribution in a very serious way," Rudolph said. "My concern is misattribution. That's specifically why we never officially attributed the Office of Personnel Management hacks to China. We don't want to blame other nation states of something that we could potentially do ourselves down the road," he said.

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at lwilliams@fcw.com, or follow her on Twitter @lalaurenista.